
package security.business;

import Entity.Rol;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import login.beans.ConectionBean;
import security.DAO.RolDAO;

/**
 *
 * @author JuanFelipe
 */
public class RolBusiness {
    Connection connection;

    public RolBusiness( Connection currentConnection ) {
        connection = currentConnection;
    }
    
    public ArrayList<Rol> getRol() throws SQLException{
        String sql = "Select  * FROM dba_roles";
        ArrayList<Rol> roles = new ArrayList<>();
        try {
            ResultSet rs = new RolDAO( connection ).executeStatement( sql );
            while( rs.next() ){
                ArrayList<String> sl = new ArrayList<>();

                for(int i = 1 ; i <= rs.getMetaData().getColumnCount() ; i++){
                    if( rs.getString(i)==null )
                        sl.add( "(null)" );
                    else
                        sl.add( rs.getString(i) );
                }
                Rol aux = new Rol( sl.get(0), sl.get(1), sl.get(2)
                        , sl.get(3), sl.get(4) );
                roles.add( aux );
            }
            
        } catch (SQLException ex) {
            System.out.println("Error: "+ex);
            throw ex;
            //Logger.getLogger(UserBusiness.class.getName()).log(Level.SEVERE, null, ex);
        }
        return roles;
    }

    public ArrayList<String> getPrivileges() throws SQLException {
        String sql = "SELECT distinct PRIVILEGE FROM sys.dba_sys_privs";
        ArrayList<String> privileges = new ArrayList<>();
        try {
            ResultSet rs = new RolDAO( connection ).executeStatement( sql );
            while( rs.next() ){
                ArrayList<String> sl = new ArrayList<>();

                for(int i = 1 ; i <= rs.getMetaData().getColumnCount() ; i++){
                    if( rs.getString(i)==null )
                        sl.add( "(null)" );
                    else
                        sl.add( rs.getString(i) );
                }
                
                privileges.add( sl.get( 0 ) );
            }
            
        } catch (SQLException ex) {
            System.out.println("Error: "+ex);
            throw ex;
            //Logger.getLogger(UserBusiness.class.getName()).log(Level.SEVERE, null, ex);
        }
        return privileges;
    }
    
   public ArrayList<String> getPrivileges(String name) throws SQLException {
        String sql = "SELECT distinct PRIVILEGE FROM sys.dba_sys_privs WHERE grantee = '"+name+"'";
        ArrayList<String> privileges = new ArrayList<>();
        try {
            ResultSet rs = new RolDAO( connection ).executeStatement( sql );
            while( rs.next() ){
                ArrayList<String> sl = new ArrayList<>();

                for(int i = 1 ; i <= rs.getMetaData().getColumnCount() ; i++){
                    if( rs.getString(i)==null )
                        sl.add( "(null)" );
                    else
                        sl.add( rs.getString(i) );
                }
                
                privileges.add( sl.get( 0 ) );
            }
            
        } catch (SQLException ex) {
            System.out.println("Error: "+ex);
            throw ex;
            //Logger.getLogger(UserBusiness.class.getName()).log(Level.SEVERE, null, ex);
        }
        return privileges;
   }
    
    
    public void create(String name, List<String> target) throws SQLException {
        String sql;
        RolDAO rdao = new RolDAO( connection );
        int container = 1;
        sql = "CREATE ROLE \""+name+"\" NOT IDENTIFIED CONTAINER = ALL";
        System.out.println( sql );
        try{
            rdao.executeStatement( sql );
        }catch( SQLException e){
            container = 0;
            sql = "CREATE ROLE \""+name+"\" NOT IDENTIFIED";
            rdao.executeStatement( sql );
            System.out.println( sql );
        }
        
        for( String s : target ){
            sql = "GRANT "+s+" TO \""+name+"\"";
            if( container==1 )
                sql+=" container=ALL";
            System.out.println( sql );
            rdao.executeStatement( sql );
        }
    }
    
    public void delete( String name ) throws SQLException{
        String sql = "DROP ROLE \""+name+"\"";
        RolDAO rdao = new RolDAO( connection );
        System.out.println( sql );
        rdao.executeStatement( sql );
    }

    public void addPrivileges(String privilege, String name) throws SQLException {
        String sql = "grant "+privilege+" to \""+name+"\"";
        RolDAO rdao = new RolDAO( connection );
        System.out.println( sql );
        rdao.executeStatement( sql );
    }
    
    public void revokePrivileges(String privilege, String name) throws SQLException {
        String sql = "revoke "+privilege+" to \""+name+"\"";
        RolDAO rdao = new RolDAO( connection );
        System.out.println( sql );
        rdao.executeStatement( sql );
    }
}
